Air Canada Breached Amidst Wave of Attacks On Canadian Sites

  • by Cybersecurity Analyst
Attacks


In a recent Cybersecurity incident, Air Canada, the largest airline and “flag-carrier” of Canada, revealed that an unauthorized group gained access, at an unknown time and for an unknown duration, to its internal systems, compromising the personal information (PII) of its employees.

Air Canada spokesperson Peter Fitzpatrick confirmed that an unauthorized group of individuals breached the airline’s internal system, compromising certain records of its employees. The specific details of the breach, including the number of affected employees and the nature of the compromised records, have not been disclosed. Flight operations systems and customer-facing systems were not affected, and no customer information was accessed, according to Fitzpatrick

Timeline of the Breach

The exact timeline of the breach remains unclear as Air Canada has not provided specific information regarding when the breach occurred or when the company became aware of the incident.

Response and Security Measures

Upon discovering the breach, Air Canada took immediate action to address the situation. The company notified relevant authorities and initiated contact with affected employees. Furthermore, Air Canada reassured the public that all its systems are fully operational and that additional security measures have been implemented to prevent future incidents. The airline has sought assistance from leading global Cybersecurity experts to enhance its security infrastructure.

In carrying out a brief dark web monitoring exercise of Air Canada’s domain, aircanada.com, Kaduu’s Cybersecurity Analysts reported seeing some older user logins and passwords belonging to Air Canada staff, posted on the darknet, including what appear to be company email account logins. The analysts did not attempt to validate the passwords, but the presence of this type of data gives cause for concern – corporate credentials are comparatively rare, with most account leaks associated with corporate domains being related to 3rd party sites (travel, hotels, retail, careers etc).

Personal Information and Privacy Concerns

While the airline has not disclosed the exact nature of the compromised records, Air Canada has stated that the accessed information was strictly internal, suggesting that customer data was not compromised. However, the breach highlights the importance of safeguarding personal information and the need for organizations to prioritize data security by establishing dark web monitoring programs, as part of an integrated and holistic Cybersecurity strategy.

Regulatory Actions and Investigations

The Office of the Privacy Commissioner of Canada has been notified of the breach and is currently reviewing the report to determine the next steps. Given that Air Canada is headquartered in Montreal, it is likely that the police of jurisdiction in Quebec, such as the Sûreté du Québec and RCMP, have been contacted to investigate the breach. These regulatory actions aim to hold the responsible parties (which includes Air Canada, as well as the darknet predators) accountable and ensure that appropriate measures are taken to prevent similar incidents in the future.

Increasing Threat of Cyberattacks

Against the backdrop of a high-stakes diplomatic row between India and Canada over the alleged assassination of an Indian/Canadian dual national, the Air Canada breach should not be seen in isolation. Simultaneously, there has been a growing wave of Cyberattacks targeting Canadian organizations. Both public and private entities across the country have experienced data breaches and Cyberattacks, posing significant threats to national security and economic prosperity. Darknet monitoring is an important tool in identifying vulnerable infrastructure and risk-prone employees, 3rd parties and contractors who may inadvertently or carelessly allow darknet predators to have undetected access to back-office systems.

Current Cybersecurity Landscape in Canada

Despite the increasing frequency of Cyberattacks, federal Cybersecurity legislation in Canada has been slow to progress. Companies have been urged to invest more in Cybersecurity, yet many have not allocated adequate resources to protect their systems effectively.

Conclusion

The breach at Air Canada serves as a stark reminder of the persistent threats posed by Cybercriminals. Organizations must prioritize Cybersecurity and implement robust measures to protect sensitive data from unauthorized access. As the Cybersecurity landscape continues to evolve, it is imperative for businesses to remain proactive and stay updated on the latest security practices to mitigate the risks associated with data breaches.

By adopting a comprehensive approach to Cybersecurity, organizations can safeguard their systems, protect customer information, and maintain the trust of their stakeholders. Air Canada’s breach should serve as a wake-up call for all businesses to bolster their security measures and invest in the necessary resources to combat Cyber threats effectively.

Kaduu’s advice: remember, Cybersecurity is an ongoing process. Stay informed, stay vigilant, and think like a hacker to stay secure.

Related Posts